python/bandit: Use .bandit configuration file

Bandit automatically [uses any .bandit file] within the directories on which it is invoked. Since ALE invokes bandit on stdin, it does not load a .bandit file automatically. Add support for automatically finding a .bandit file and passing it to bandit via the --ini option along with a variable to disable this behavior if desired. Note: This is useful for the skips and tests configuration options, but not exclude which would require invoking bandit using a file name, which may or may not be a good trade-off. [uses any .bandit file]: https://github.com/PyCQA/bandit/blob/1.5.1/bandit/cli/main.py#L70-L73 Signed-off-by: Kevin Locke <kevin@kevinlocke.name>
2025-12-26 14:01:10 +08:00 · 2019-02-17 14:11:56 -07:00
parent c3d4e0983b
commit 52c2400786
6 changed files with 42 additions and 0 deletions
--- a/test/command_callback/test_bandit_command_callback.vader
+++ b/test/command_callback/test_bandit_command_callback.vader
@@ -47,3 +47,25 @@ Execute(Pipenv is detected when python_bandit_auto_pipenv is set):
  \ . ' run bandit'
  \ . b:bandit_flags
  \ . ' -'
+
+Execute(The bandit command callback should add .bandit by default):
+  silent execute 'file ' . fnameescape(g:dir . '/python_paths/with_bandit/namespace/foo/bar.py')
+
+  let b:config_path = ale#path#Simplify(
+  \ g:dir . '/python_paths/with_bandit/.bandit'
+  \)
+
+  AssertLinter 'bandit',
+  \ ale#Escape('bandit')
+  \ . ' --ini ' . ale#Escape(b:config_path)
+  \ . b:bandit_flags
+  \ . ' -'
+
+Execute(The bandit command callback should support not using .bandit):
+  silent execute 'file ' . fnameescape(g:dir . '/python_paths/with_bandit/subdir/foo/bar.py')
+  let g:ale_python_bandit_use_config = 0
+
+  AssertLinter 'bandit',
+  \ ale#Escape('bandit')
+  \ . b:bandit_flags
+  \ . ' -'